Sitecore Common Audit Log

Sitecore Common Audit Log is an audit log service that records user activities as they occur in supported Sitecore digital experience platform (DXP) applications.

Important

Audit logging is disabled by default. To enable it, create a support case in the Sitecore Cloud Portal with Impact set to Minimal.

Audit logs are historical records of the activities users perform in your Sitecore DXP apps. Keeping a record of activities helps your organization:

  • Comply with industry regulations.

  • Investigate user activities.

  • Reconstruct events that led to bugs or other unexpected behavior.

  • Identify suspicious activity and combat security threats that could harm business operations.

Sitecore Common Audit Log records, for example, when a user logs in to Sitecore Personalize, or views, creates, updates, and deletes data. For every logged activity, the Common Audit Log also records the IP address, web browser, and ID of the user who performed the activity, as well as the date and time the activity occurred.

Accessing audit logs

If audit logging is enabled for your Sitecore Cloud Portal organization, team members with an Organization Admin or Organization Owner role can securely access audit logs using the Webhook REST API. This REST API lets you forward all audit logs from all supported Sitecore DXP apps to systems outside Sitecore. For example, to a security information and event management (SIEM) system, where you can analyze the recorded audit logs.

Supported Sitecore DXP applications

If audit logging is enabled for your Sitecore Cloud Portal organization, the Common Audit Log records logs in the following Sitecore DXP applications:

Audit log retention policy

The Common Audit Log retains logs for one year.

Do you have some feedback for us?

If you have suggestions for improving this article,